Several antivirus products are affected by a design flaw that allows malware or a local attacker to abuse the "restore from quarantine" feature to send previously detected malware to sensitive areas of the user's operating system, helping the malware gain boot persistence with elevated privileges.

Florian Bogner, a security auditor at Kapsch, an Austrian cyber-security company, discovered the flaw, which he's keeping track of under the codename of AVGater.

Some antivirus vendors issued updates

Bogner says he notified all antivirus makers that he tested and found vulnerable. Today, the researcher published his findings after some companies issued updates.

Seeing that it pretty much requires physical local access it really doesn't matter as you can do way more when you have physical access. Also if you set the password under general settings > user interface, you would need to enter the password to open the view quarantine task.

@Futuretech, you have unintentionally "stolen" my answer!

With an activated user password and activated auto-sandbox (containment), it is also "impossible" to load an unknown (untrusted) file on the computer, because a password is needed to get the file out of the sandbox, even if you are not at the computer and even if the attacker has physical access. Moreover, it is "not possible" to uninstall CIS, and all of that certainly also applies to CCAV, CAV and CFW. So setting a user password should be standard for everyone! It just brings much more security. A definitely underrated safety feature!!!

Another very simple solution, and one that applies to all anti-virus programs as long as these options exist, would be: don't isolate the files, or manually delete them after they have been moved. If nothing is there to restore, then nothing can be restored to places where it should not be restored.